This Privacy Policy describes our policies and procedures for the collection, use, and disclosure of your information when you use the Service. It also informs You about Your privacy rights and how the law protects You. We use Your Personal Data to provide and improve the Service. By using the Service, You agree to the collection and use of information in accordance with this Privacy Policy.
Interpretation And Definitions
Interpretation
The words of which the initial letter is capitalized have meanings defined under the following conditions. The following definitions shall have the same meaning regardless of whether they appear in singular or in plural.
Definitions
For the purposes of this Privacy Policy:
You refers to the individual accessing or using the Service, or the company or other legal entity on behalf of which such individual is accessing or using the Service, as applicable. Under GDPR, You may be referred to as the Data Subject or the User.
Company (referred to as either “the Company”, “We”, “Us” or “Our” in this Agreement) refers to  Murray Hill Plastic Surgery, located at 111 E 31st St, New York, NY 10016. For GDPR purposes, the Company is the Data Controller.
Country refers to the United States of America, specifically New York.
Service Provider means any natural or legal person who processes the data on behalf of the Company. It refers to third-party companies or individuals employed by the Company to facilitate the Service, provide the Service on behalf of the Company, perform services related to the Service, or assist the Company in analyzing how the Service is used. Under GDPR, Service Providers are considered Data Processors.
Third-party Social Media Service refers to any website or social network through which a User can log in or create an account to use the Service.
Personal Data is any information that relates to an identified or identifiable individual. Under GDPR, Personal Data includes any information relating to You such as a name, identification number, location data, online identifier, or factors specific to physical, physiological, genetic, mental, economic, cultural, or social identity. Under CCPA, Personal Data means any information that identifies, relates to, describes, or is capable of being associated with You.
Cookies are small files placed on Your computer, mobile device, or any other device by a website, containing details of Your browsing history on that website among its many uses.
Device means any device that can access the Service such as a computer, cellphone, or digital tablet.
Usage Data refers to data collected automatically, either generated by the use of the Service or from the Service infrastructure itself (e.g., the duration of a page visit).
Data Controller (GDPR) refers to the Company as the legal person which determines the purposes and means of the processing of Personal Data.
A2P Messaging Compliance
We comply with all applicable A2P messaging regulations. This includes obtaining explicit consent from users before sending any promotional messages. Users will be informed of the frequency of messages, message costs (if any), and how to opt-out.
Consent for Messaging
By providing your phone number, you consent to receive SMS messages from us regarding our services, promotions, and updates. Consent to receive marketing messages is not required as a condition of purchasing any goods or services. You may opt-out at any time by following the instructions provided in the messages or by contacting us directly.
Opt-Out
You may opt-out of receiving SMS messages at any time by replying “STOP” to any message you receive. Upon receiving your opt-out request, we will send a confirmation message and cease further communication to that number, except for administrative purposes.
Data Retention and Usage
We will retain your phone number and other personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy or as required by law. Usage Data is retained for a shorter period unless used for security enhancement or legal obligations.
Data Security
We prioritize the security of your Personal Data. While no method of transmission over the Internet or electronic storage is entirely secure, we implement appropriate measures to protect your information.
Disclosure of Data
We do not share any personal data, such as mobile information, with third parties/affiliates for marketing/promotional purposes. We may share your Personal Data with Service Providers to facilitate our Service or for analytics purposes. We may also disclose your information in compliance with legal obligations or in the case of a business transfer such as a merger or sale.
California Consumer Privacy Act (CCPA) Compliance
Your Rights Under the CCPA
If you are a California resident, you have specific rights regarding your personal information. This section describes your CCPA rights and explains how to exercise those rights.
Right to Know and Access
You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months. Once we receive and confirm your verifiable consumer request, we will disclose to you:
The categories of personal information we collected about you.
The categories of sources for the personal information we collected about you.
Our business or commercial purpose for collecting that personal information.
The categories of third parties with whom we share that personal information.
The specific pieces of personal information we collected about you.